TechPulse: Blog
Three Tricks to Spot Phishing Attempts
Cybersecurity needs to be a priority to any business that wants to continue their operations in the long-term. One threat that is very common today is the phishing attack.
In 2018, there was an increase in the prevalence of phishing attacks by 269 percent when compared to their prevalence in 2017. In addition, a full 32 percent of reported data breaches that year featured phishing to some extent. United States businesses may have had cause for the most concern, as nearly 86 percent of phishing attacks targeted American companies.
NCSAMโs Phishing-Heavy Theme: โOwn IT. Secure IT. Protect IT.โ
With National Cybersecurity Awareness Month well underway, itโs high time to pay attention to some of its lessons. These lessons effectively boil down to pretty basic practices that any user should cultivate into habits. Naturally, this includes some anti-phishing tactics.
Remember, you also have another knowledgeable resource to lean on for advice – weโre always available to assist you and your team. For instance, try implementing these best practices in your processes now to avoid phishing:
- Donโt trust surprise messages: One of the first signs that a message is hiding a phishing attack is if it just appears in your inbox. Letโs say you suddenly get an email that says that itโs from Amazon, claiming that your account needs to have its payment credentials verified after some suspicious purchases were made. Stop and consider some other facts before you reactโฆ have you received something like a receipt in your inbox for something that you didnโt order, or an anticipated delivery date? Any emails can – and should – be examined in this way to ensure that you arenโt walking into a threat. Itโs generally a good idea to reach out to the alleged sender through a different form of communication for confirmation.
- Make sure the details match up: When we get an email, itโs pretty typical that we only take a quick glance at who sent it without giving it a second thought. If a cybercriminal is worth their salt, they would have used a fake email that isnโt quite perfect, but passes the โquick glanceโ test. For instance, would you sooner click on an email from โbusiness_aclmin@gmail.com,โ or one from โgoogledave@grnail.com?โThe right answer is โneither,โ as in โneither A-C-L-M-I-N or G-R-N-A-I-L actually say what they appear to say at first.โ Therefore, they are most likely traps.
- Donโt trust surprise links or attachments, either: You need to be prepared before you even open a message, and this is one of the reasons why. Some links and attachments contain malware, or automatically direct you to a website that will begin installing the malware. Some have been especially tricky, asking the user to confirm the download, but completing the installation regardless of what they pick. Again, unless you expected an attachment or a link, think twice before just clicking through. It doesnโt hurt to confirm its legitimacy through another means, either.
Sure, October is National Cybersecurity Awareness Month, but hackers and cybercriminals donโt go into hibernation for the rest of the year. You should be sure that youโre just as secure for every one of the other 264 days as well. COMPANYNAME can help – reach out to us at PHONENUMBER to learn more.